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DETAILED ACTION 

1 . Claims 1-80 are pending. The following is a non-final first Office action on the merits of 
claims 1-80. 

Claim Objections 

2. The ordering of claims is objected to. Claim 45 refers to claim 2 but appears after a new 
independent claim and its dependent claims. Claims 46-49 depend from claim 45. A series of 
singular dependent claims is permissible in which a dependent claim refers to a preceding claim 
which, in turn, refers to another preceding claim. A claim which depends from a dependent 
claim should not be separated by any claim which does not also depend from said dependent 
claim. It should be kept in mind that a dependent claim may refer to any preceding independent 
claim. In general, applicant's sequence will not be changed. See MPEP § 608.01 (n). 

Claim Rejections - 35 USC §102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign 
country or in public use or on sale in this country, more than one year prior to the date of 
application for patent in the United States. 

3. Claims 1-4, 23-26, 51-54 rejected under 35 U.S.C. 102(b) as being anticipated by 
"Online Payments Raising Host of Unresolved Issues" (Random Deposit). 
Regarding claim 1 : 

Random Deposit teaches: 

• providing an account, the account a first account type providing a first set of services, 
the first set of services requiring a first level of authentication (unverified account); 
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• presenting an accountholder a one-time challenge/response mechanism; and if the 
accountholder clears the challenge, converting the account to a second account type for 
all time (see Abstract, verified account). 
Regarding claim 2: 

Random Deposit teaches wherein the challenge/response mechanism requires an 
accountholder to provide information known only to the accountholder; and wherein the second 
type provides the first set of services plus further services associated therewith, the further 
services requiring at least one further level of authentication, (see Abstract). 
Regarding claim 3: 

Random Deposit teaches either of the steps of creating the account when making an initial 
purchase; and creating a record in a subscriber database. Examiner notes the database is 
inherent in storing subscriber accounts. 
Regarding claim 4: 

Random Deposit teaches wherein subscribers include subscribers to any of an online service 

(see Abstract); and an ISP (Internet service provider). 

Regarding claims 23-26 and 51-54: 

The claims are rejected for the same reasons as claims 1-4. 

Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 5, 14, 45, 47, 48, 27, 55, 36, 64, 76, 78, 79 rejected under 35 U.S.C. 103(a) as 

being unpatentable over Random Deposit in view of Official Notice. 
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Regarding claim 5: 

Random Deposit teaches wherein the step of presenting a challenge/response mechanism 
comprises steps of: requesting a service from within the account of the first type that is only 
available from within an account of the second type; and prompting the accountholder to provide 
the information known only to the accountholder (see Abstract). 

Random Deposit does not teach prompting for the information one time only. Official Notice is 
taken that it would have been obvious to one of ordinary skill in the art at the time of invention to 
modify the invention to include prompting for the information one time only. One skilled in the 
art would have been motivated to make the modification for the benefit of increased security. 
Regarding claim 14: 

Random Deposit teaches configuring the challenge by an account provider, wherein configuring 
the challenge includes specifying information requested by the challenge. 
Random Deposit does not expressly disclose specifying a permissible number of response 
attempts. Official Notice is taken that it would have been obvious to one of ordinary skill in the 
art at the time of invention to have modified the invention to include said feature(s). At the time 
of invention it was old and well known to one of ordinary skill in the art to specify a permissible 
number of response attempts (eg. an account lock-out after a certain number of incorrect login 
attempts). One skilled in the art would have been motivated to make the modification for the 
benefit of increased security. 
Regarding claim 45: 

Random Deposit does not teach wherein said at least one further level of authentication 
comprises accessing said account from a client device previously established as trusted. 
Official Notice is taken that it would have been obvious to one of ordinary skill in the art at the 
time of invention to have modified the invention to include said feature(s). At the time of 
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invention, it was old and well known in the art to establish devices as trusted. One skilled in the 
art would have been motivated to make the modification for the benefit of increased security. 
Regarding claim 47: 

Official Notice is taken that it would have been obvious to one of ordinary skill in the art at the 
time of invention to have modified the invention to include reestablishing a client as trusted if a 
trusted state is compromised. One skilled in the art would have been motivated to make the 
modification for the benefit of increased security. 
Regarding claim 48: 

Official Notice is taken that it would have been obvious to one of ordinary skill in the art to 
modify the invention to include providing a visual indicator of a trusted state. At the time of 
invention, it was old and well known in the art to provide visual indicators. One skilled in the art 
would have been motivated to make the modification for the benefit of convenience. 
Regarding claims 27 and 55: 

The claims are rejected for the same reasons as claim 5. 
Regarding claims 36 and 64: 

The claims are rejected for the same reasons as claim 14. 
Regarding claims 76-79: 

The claims are rejected for the same reasons as claims 45-48. 

5. Claims 46 and 77 rejected under 35 U.S.C. 103(a) as being unpatentable over Random 
Deposit in view of Official Notice, further in view of Shafron et al. (US Pat. App. No. 
20020186255). 
Regarding claim 46: 

Shafron teaches a second-level password (see Figure 15). It would have been obvious to one 
of ordinary skill in the art at the time of invention to have modified the invention above with said 
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feature(s). One skilled in the art would have been motivated to make the modification for the 
benefit of increased security. 

6. Claim 49 and 80 rejected under 35 U.S.C. 103(a) as being unpatentable over Random 
Deposit in view of Official Notice, further in view of Blinn et al (US Pat. Appl. No. 
2004/0260647). 

Regarding claims 49 and 80: 

Blinn et al. teaches managing authentication for various online products and sites (see [0005]). 
Blinn et al. does not expressly teach providing a security controls panel that permits 
accountholders to change the information. Official Notice is taken that it would have been 
obvious to one of ordinary skill in the art to modify the invention to include providing said 
feature. At the time of invention, it was old and well known in the art to provide control panels to 
change information. One skilled in the art would have been motivated to make the modification 
for the benefit of convenience. 

7. Claims 6-11, 15, 16, 28-33, 56-61, 37, 38, 65, 66 rejected under 35 U.S.C. 103(a) as 
being unpatentable over Random Deposit in view of "User Agreement for Paypal Service" (User 
Agreement). 

Regarding claim 6: 

User Agreement, not Random Deposit, teaches wherein the account comprises an electronic 
wallet, the first type comprising a thin wallet wherein the first set of services comprises at least 
one low-risk task requiring a low security level, (see Section III subsection 1i). It would have 
been obvious to one of ordinary skill in the art at the time of invention to have modified the 
invention above with said feature(s). One skilled in the art would have been motivated to make 
the modification for the benefit of increased security. 
Regarding claim 7: 
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User Agreement, not Random Deposit, teaches wherein the at least one low-risk task comprises 
any of: 

making purchases not exceeding a predetermined purchase amount, (see Section III subsection 
1i); making transactions using default account information; and making purchases at sites 
requiring only the first level of authentication. It would have been obvious to one of ordinary skill 
in the art at the time of invention to have modified the invention above with said feature(s). One 
skilled in the art would have been motivated to make the modification for the benefit of 
increased security. 
Regarding claim 8: 

User Agreement, not Random Deposit, teaches wherein the second type comprises a full wallet 
and the further rights comprise additional tasks requiring greater security than the low level of 
security, (see Section III subsection 1i). It would have been obvious to one of ordinary skill in 
the art at the time of invention to have modified the invention above with said feature(s). One 
skilled in the art would have been motivated to make the modification for the benefit of 
increased security. 
Regarding claim 9: 

User Agreement, not Random Deposit, teaches wherein the additional tasks comprise any of: 
editing the default account information; 
editing account preferences; 

making purchases that exceed a predetermined purchase amount, (see Page 5 section III 
subsection 1i); 

and making purchases at sites that require the at least one level of further authentication. 
It would have been obvious to one of ordinary skill in the art at the time of invention to have 
modified the invention above with said feature(s). One skilled in the art would have been 
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motivated to make the modification for the benefit of increased security. 
Regarding claim 10: 

User Agreement, not Random Deposit, teaches a step of authenticating at the first level to gain 
access to the first account (See Section 5 subsection 6e). It would have been obvious to one of 
ordinary skill in the art at the time of invention to have modified the invention above with said 
feature(s). One skilled in the art would have been motivated to make the modification for the 
benefit of increased security. 
Regarding claim 11: 

User Agreement, not Random Deposit, teaches wherein authenticating at the first level 
comprises providing a user ID and a first-level password (See Section V subsection 6e). It 
would have been obvious to one of ordinary skill in the art at the time of invention to have 
modified the invention above with said feature(s). One skilled in the art would have been 
motivated to make the modification for the benefit of increased security. 
Regarding claim 15: 

User Agreement, not Random Deposit, teaches wherein the step of converting the account 
comprises steps of: 

creating a record in a wallet account database; 
providing notice of a privacy policy; and 

consenting to the privacy policy by the account holder (see Paragraph 3). 

It would have been obvious to one of ordinary skill in the art at the time of invention to have 

modified the invention above with said feature(s). One skilled in the art would have been 

motivated to make the modification for the benefit of increased security. 

Regarding claim 16: 
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User Agreement, not Random Deposit, teaches creating a second-level challenge. Examiner 
interprets second-level challenge as the challenge/response mechanism used to convert the 
account. It would have been obvious to one of ordinary skill in the art at the time of invention to 
have modified the invention above with said feature(s). One skilled in the art would have been 
motivated to make the modification for the benefit of increased security. 
Regarding claims 28-33 and 56-61: 
The claims are rejected for the same reasons as claims 6-1 1 . 
Regarding claims 37 and 65: 

The claims are rejected for the same reasons as claim 15. 
Regarding claims 38 and 66: 

The claims are rejected for the same reasons as claim 16. 

8. Claims 12, 13, 34, 35, 62, 63 rejected under 35 U.S.C. 103(a) as being unpatentable 
over Random Deposit in view of User Agreement, further in view of Official Notice. 
Regarding claim 12: 

User Agreement teaches storing credit card numbers in the first account. User Agreement does 
not expressly disclose the method of claim 2 wherein the information known only to the account 
holder comprises at least a portion of a credit card number stored in the first account. Official 
Notice is taken that it would have been obvious to one of ordinary skill at the time of invention to 
modify the invention to include said feature(s). At the time of invention verifying information 
known only to the account holder wherein the information comprises at least a portion of a credit 
card number was old and well known in the art (eg. verification of last four digits or security 
code). One skilled in the art would have been motivated to make the modification for the benefit 
of increased security. 
Regarding claim 13: 
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Random Deposit does not expressly teach if the accountholder doesn't clear the challenge, 
allowing a predetermined number of attempts to enter the information; and if the accountholder 
fails the predetermined number of attempts, allowing the accountholder to provide a new credit 
card number; and presenting a challenge based on the new credit card number. Official Notice 
is taken that it would have been obvious to one of ordinary skill in the art at the time of invention 
to have modified the invention to include said feature(s). One skilled in the art would have been 
motivated to make the modification for the benefit of increased security. 
Regarding claims 34 and 62: 

The claims are rejected for the same reasons as claim 12. 
Regarding claims 35 and 63: 

The claims are rejected for the same reasons as claim 13. 

9. Claims 17, 18, 39, 40, 67, 68 rejected under 35 U.S.C. 103(a) as being unpatentable 
over Random Deposit in view of User Agreement, further in view of Shafron. 
Regarding claim 17: 

Shafron, not Random Deposit or User Agreement, teaches wherein the step of creating a 
second-level challenge comprises any of the steps of: 
setting a second-level password (see Figure 15); and 
configuring a security question by the accountholder. 

It would have been obvious to one of ordinary skill in the art at the time of invention to modify 
the invention to include said feature(s). One skilled in the art would have been motivated to 
make the modification for the benefit of increased security. 
Regarding claim 18: 

Shafron, not Random Deposit or User Agreement, teaches wherein the at least one further level 
of authentication requires any of the steps of: 
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providing the second-level password; and 
clearing the security question. 

It would have been obvious to one of ordinary skill in the art at the time of invention to modify 
the invention to include said feature(s). One skilled in the art would have been motivated to 
make the modification for the benefit of increased security. 
Regarding claims 39 and 67: 

The claims are rejected for the same reasons as claims 17 and 18. 
Regarding claims 40 and 68: 

The claims are rejected for the same reasons as claims 17 and 18. 

10. Claims 19-22, 41-44, 69-72 rejected under 35 U.S.C. 103(a) as being unpatentable over 
Random Deposit in view of User Agreement, further in view of Shafron, further in view of Official 
Notice. 

Regarding claim 19: 

Random Deposit does not expressly disclose providing a user interface accessible only to 
holders of accounts of the second type to edit account information and preferences. 
Official Notice is taken that it would have been obvious to one of ordinary skill in the art at the 
time of invention to have modified the invention to include said feature(s). At the time of 
invention, it was old and well known in the art to provide separate user interfaces to users with 
different privilege levels (eg. Microsoft Windows administrator account). One skilled in the art 
would have been motivated to make the modification for the benefit of increased security. 
Regarding claim 20: 

User Agreement teaches wherein the account information comprises any of: 
first name; 
middle initial; 
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last name; 

credit card type; 

credit card number; 

credit card expiration date; 

billing address; 

city; 

state; 

postal code; 
country; 

daytime phone; and 

evening phone. 

(see Section VIII subsection 1) 
It would have been obvious to one of ordinary skill in the art at the time of invention to have 
modified the invention above with said feature(s). One skilled in the art would have been 
motivated to make the modification for the benefit of convenience. 
Regarding claim 21: 

User Agreement teaches wherein first account type comprises a thin wallet, the thin wallet 
comprising a record in a subscriber database, and wherein the second account type comprises 
a full wallet, the full wallet comprising the record in the wallet database. 
User Agreement does not expressly disclose wherein full wallet is initially populated with 
information from the thin wallet. Official Notice is taken that it would have been obvious to one 
of ordinary skill in the art to modify the invention to include said feature. At the time of invention, 
it was old and well known in the art to populate new records with old records, (eg. database 
tables). One skilled in the art would have been motivated to make the modification for the 
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benefit of efficiency. 
Regarding claim 22: 

Random Deposit teaches a step of providing a wallet server, wherein the wallet server 
comprises a web server having a wallet application running thereon, the wallet server operative 
to pull account information from either the subscriber database or the wallet database (see 
Abstract). 

Regarding claims 41-44 and 69-72: 

The claims are rejected for the same reasons as claims 19-22. 

11. Claim 50 rejected under 35 U.S.C. 103(a) as being unpatentable over Shafron in view of 
Random Deposit. 
Regarding claim 50: 

A system for converting an electronic wallet comprising: 
Shafron teaches: 

a wallet server (see [0130]); 

a wallet database (see [0130]); 

a subscriber database (see Abstract); 

wherein the wallet server is in communication with the wallet and the subscriber 
databases; and 

a client in communication with the wallet server, wherein a wallet accountholder requests 

services from the wallet server (see Figure 16); 
Random Deposit, not Shafron, teaches wherein the server includes means for converting the 
electronic wallet. It would have been obvious to one of ordinary skill in the art at the time of 
invention to have modified the invention above with said feature(s). One skilled in the art would 
have been motivated to make the modification for the benefit of increased security. 
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12. Claims 73-75 rejected under 35 U.S.C. 103(a) as being unpatentable over Shafron in 
view of Random Deposit, further in view of Official Notice. 
Regarding claim 73: 

Shafron teaches relaying data between wallet server and subscriber database. Shafron does 
not expressly teach a second server in order to do so. Official Notice is taken that it would have 
been obvious to one of ordinary skill in the art at the time of invention to have modified the 
invention to include said feature(s). One skilled in the art would have been motivated to make 
the modification for the benefit of increased efficiency. 
Regarding claim 74: 

The references as applied to claim 73 do not expressly teach a router, the router operative to 
link at least a first and a second network, wherein the wallet server occupies the first network 
and wherein the second server and the subscriber database occupy the second network. 
Official Notice is taken that it would have been obvious to one of ordinary skill in the art at the 
time of invention to have modified the invention to include said feature(s). One skilled in the art 
would have been motivated to make the modification for the benefit of increased efficiency. 
Regarding claim 75: 

Shafron does not expressly teach wherein the wallet database occupies said second network. 
Official Notice is taken that it would have been obvious to one of ordinary skill in the art at the 
time of invention to have modified the invention to include said feature(s). One skilled in the art 
would have been motivated to make the modification for the benefit of increased efficiency. 
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Conclusion 

Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to ERIC WONG whose telephone number is (571)270-3405. The examiner 
can normally be reached on Monday-Friday 7:30AM-5:00PM, alternating Fridays. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Tom Dixon can be reached on (571)272-6803. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you 
would like assistance from a USPTO Customer Service Representative or access to the 
automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/THOMAS A DIXON/ Eric Wong 

Supervisory Patent Examiner, Art Unit 4172 Examiner 



Jan 2008 



